<?php
//include the functions.php
require "include/functions.php";
session_start();
?>

<html>
<head>
<title>Home Electronics - User creation page</title>
<link rel="stylesheet" href="include/styles.css" type="text/css">
</head>
<body>
<div id="container" align="center">
   <div id="header">
		<div id="topmenu"><ul><?php top_menu(); ?></ul></div> 
		<div id="menu" align="right">
		<form name="form1" method="post" action="search.php">
		<tr>
		<td height="35" width="78"><a>Search Products</a></td>
		<td height="35" width="3">:</td>
		<td height="35" width="294"><input name="mysearch" type="text" id="mysearch">&nbsp;&nbsp;&nbsp;</td>
		</tr>
		</form>
		</div>
		<div id="menubar"> <!-- Menu buttons -->
  		<ul>
   		<li><a href="index.php" title="Home"><span>Home</span></a></li>
	    <li><a href="#" title="Computing"><span>Computing</span></a></li>
		<li><a href="#" title="Kitchen"><span>Kitchen</span></a></li>
		<li><a href="#" title="Bathroom"><span>Bathroom</span></a></li>
		<li><a href="#" title="Laundry"><span>Laundry</span></a></li>
		<li><a href="#" title="Furniture and Bedding"><span>Furniture & Bedding</span></a></li>
    	</ul>
		</div>
	</div> <!-- Header -->

	
	<div id="body" align="center">
		<div id="page">
<?php

$host="localhost"; //Sets database host address
$username="home_electronics"; //Sets database username
$password=""; //Sets database password
$db_name="home_e"; //Sets database name
$tbl_name="user"; //Sets the table to be used

mysql_connect("$host", "$username", "$password")or die("cannot connect"); //connects to mysql
mysql_select_db("$db_name")or die("cannot select DB"); //selects database

$myusername = $_POST['myusername']; //stores username
$mypassword = $_POST['mypassword']; //stores password
$firstname	= $_POST['firstname']; //stores username
$lastname 	= $_POST['lastname']; //stores password
$address 	= $_POST['address']; //stores username
$email 		= $_POST['email']; //stores password


//encrypt password with the user as salt for the algorithm
$mypassword = crypt(md5($mypassword),md5($myusername));


//Validate CAPTCHA
if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) )
 {
	//unset($_SESSION['security_code']);

	$sql="SELECT * FROM $tbl_name WHERE user_name='$myusername'"; //searches db for user/pass
	$result=mysql_query($sql); //sets the result
	$count=mysql_num_rows($result); //sets count to number of matches found

	if(!$count==0) { //if the count isnt 0 it will stop
		print(''.$myusername.', is already in the database.');
				
		redirect('new_user.php');
		
	}
	else { //if username not used it adds it with below insert
		mysql_query("INSERT INTO $tbl_name (user_id, user_name, password, user_type, first_name, last_name,postal_address,email) VALUES (NULL, '$myusername', '$mypassword', '0', '$firstname', '$lastname', '$address', '$email')");
		alert(strtolower($myusername).'  has been successfully added to the database.');
		redirect('main_login.php');
	}
}
else{

alert('Please check the security Code.');
redirect('new_user.php');
}


?>
		</div>
	</div> <!--body div -->
   		
   <? footer(); ?>
</div>
</body>
</html>

